Every other outgoing email fails SSL handshake
It takes me two tries to send any email with Thunderbird because it gives me this error on the first try:
"Sending of the message failed. The message could not be sent using Outgoing server (SMTP) smtp.$MY_EMAIL_PROVIDER.com for an unknown reason. Please verify that your Outgoing server (SMTP) settings are correct and try again."
(I censored my email provider for privacy reasons; it's my work account.)
The error console gives me:
"Error: An error occurred during a connection to smtp.$MY_EMAIL_PROVIDER.com:587. Peer could not decode an SSL handshake message. Error code: <a id="errorCode" title="SSL_ERROR_DECODE_ERROR_ALERT">SSL_ERROR_DECODE_ERROR_ALERT</a>"
However, when I click "Send" a second time for the exact same email, it sends. This happens reliably every OTHER time.
It does not appear to happen in any other email client from what I can tell. Thunderbird is configured to send outgoing emails via STARTTLS, port 587, 'Normal password' authentication (none of the other authentication options, nor SSL/TLS, are supported by my email provider). I don't get this error when I send with no connection security, but I don't want to go without authentication obviously.
Currently on version 45.2.0 stable, don't know what version number the problem started with.
All Replies (10)
What is your anti-virus software?
christ1 said
What is your anti-virus software?
BitDefender Free Edition, but I still get the same problem even with it disabled/uninstalled.
lightspectra द्वारा
I'd suspect a problem with the server's TLS implementation. Since you obfuscated the information of your email provider there's nothing else which can be done here. Talk to your email provider and have them check their server configuration. Things you can do for troubleshooting: https://support.mozilla.org/en-US/questions/1116781
christ1 said
I'd suspect a problem with the server's TLS implementation. Since you obfuscated the information of your email provider there's nothing else which can be done here. Talk to your email provider and have them check their server configuration. Things you can do for troubleshooting: https://support.mozilla.org/en-US/questions/1116781
I can ask them about it, but why would the SSL handshake fail every *other* attempt, and why does this only happen in Thunderbird?
You can try to set up a different account with a different provider offering TLS, and check whether you run into the same problem.
OK, I was just on the phone with my email provider. I sent two test emails with the config as in my original post: the first went through without a hitch, the second one (with the SSL handshake failure) never even contacted the server (i.e. on my provider's end, no contact attempt was even seen). So my questions are:
1. Is there a way beyond the Error Console in Thunderbird to see where exactly the process is failing? 2. Does this error indicate that STARTTLS is falling back to no connection security at all? 3. Why does this happen in Thunderbird, but in MS Outlook 2010 with the exact same security configuration (TLS, port 587), it all works without a hitch?
I did do as you ask and tried my personal email (@zoho.com). No problems with outgoing email in Thunderbird, with either STARTTLS:587 or SSL/TLS:465. So I have no doubt it's something weird with my work email, but why is it only happening in Thunderbird?
Thank you!
lightspectra द्वारा
There isn't much more I can tell you other than the previously suggested troubleshooting steps.
1. Is there a way beyond the Error Console in Thunderbird to see where exactly the process is failing?
See https://wiki.mozilla.org/MailNews:Logging I wouldn't expect much from this though as you already fail at the very first step, which is the TLS handshake.
2. Does this error indicate that STARTTLS is falling back to no connection security at all?
I don't know, try to check with Wireshark.
3. Why does this happen in Thunderbird, but in MS Outlook 2010 with the exact same security configuration (TLS, port 587), it all works without a hitch?
Again, I don't know. Thunderbird's TLS implementation may be more strict in some regard, and perhaps it triggers a server bug.
You may also try to verify the TLS handshake using openssl. Example:
openssl s_client -connect smtp.$MY_EMAIL_PROVIDER.com:587 -starttls smtp </dev/null </pre>
As indicated over PM, the TLS handshake via OpenSSL succeeded on my system, so that does not appear to be the problem.
I did however notice a new element to this bug just now. Spellcheck only reads the entire outgoing email on the send-attempts where the handshake succeeds. When the outgoing email is destined to fail the handshake, the spellcheck for whatever reason skips over several wrong/unrecognized words.
I'd be really surprised if spellcheck is related to the TLS handshake in any way. Just in case, try to start Thunderbird in safe mode. https://support.mozilla.org/kb/safe-mode-thunderbird
Tried it in Safe Mode. Bug was still occurring.